Running targeted/enforcing, latest rawhide.
Notice the following AVC generated by VMware init sequence:
Mar 30 06:33:35 localhost kernel: audit(1112193215.505:0): avc:
denied { search } for pid=3690 exe=/sbin/ifconfig name=net dev=sysfs
ino=225 scontext=user_u:system_r:ifconfig_t
tcontext=system_u:object_r:sysfs_t tclass=dir
Mar 30 06:33:35 localhost kernel: vmnet8: failed sysfs registration (-13)
This seems to imply:
allow ifconfig_t sysfs_t:dir search;
ifconfig.te has
domain_auto_trans(initrc_t, ifconfig_exec_t, ifconfig_t)
So, should ifconfig_t be allowed the same access to sysfs_t as initrc_t, such as
r_dir_file(ifconfig_t, sysfs_t)
thanks,
tom
--
Tom London
